Vulnerabilities > CVE-2007-0162 - Local Privilege Escalation vulnerability in Unsanity Application Enhancer 2.0.2

CVSS 6.8 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

unsanity

NVD

Published: 2007-01-10

Updated: 2017-07-29

Summary

Unsanity Application Enhancer (APE) 2.0.2 installs with insecure permissions for the (1) ApplicationEnhancer binary and the (2) /Library/Frameworks/ApplicationEnhancer.framework directory, which allows local users to gain privileges by modifying or replacing the binary or library files.

Vulnerable Configurations

Part	Description	Count
Application	Unsanity Unsanity Application Enhancer 2.0.2	1

References

http://landonf.bikemonkey.org/code/macosx/MOAB_Day_8.20070109002959.18582.timor.html
http://osvdb.org/32661
http://projects.info-pull.com/moab/MOAB-08-01-2007.html
http://secunia.com/advisories/23649
http://www.securityfocus.com/bid/21951
https://exchange.xforce.ibmcloud.com/vulnerabilities/31349